Skip to content

Commit

Permalink
Dataflow: Simplify diff-informed implementation and tweak flag name.
Browse files Browse the repository at this point in the history
  • Loading branch information
@aschackmull
aschackmull committed Sep 19, 2024
1 parent 2e6f34d commit a6c49fd
Show file tree
Hide file tree
Showing 68 changed files with 175 additions and 401 deletions.
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl1.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl2.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl3.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImpl4.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowImplLocal.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl1.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl2.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl3.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowImpl4.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl1.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl2.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl3.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl4.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions csharp/ql/lib/semmle/code/csharp/dataflow/internal/DataFlowImpl5.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl1.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions go/ql/lib/semmle/go/dataflow/internal/DataFlowImpl2.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl1.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl2.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl3.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl4.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl5.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
8 changes: 1 addition & 7 deletions java/ql/lib/semmle/code/java/dataflow/internal/DataFlowImpl6.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -284,13 +284,7 @@ deprecated private module Config implements FullStateConfigSig {

predicate includeHiddenNodes() { any(Configuration config).includeHiddenNodes() }

predicate filterForSourceOrSinkAlerts() { none() }

predicate isFilteredSource(Node source, FlowState state) { isSource(source, state) }

predicate isFilteredSink(Node sink, FlowState state) { isSink(sink, state) }

predicate isFilteredSink(Node sink) { isSink(sink) }
predicate diffInformedIncrementalMode() { none() }
}

deprecated private import Impl<Config> as I
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/AndroidIntentRedirectionQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ module IntentRedirectionConfig implements DataFlow::ConfigSig {
any(IntentRedirectionAdditionalTaintStep c).step(node1, node2)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

/** Tracks the flow of tainted Intents being used to start Android components. */
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/ExternallyControlledFormatStringQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ module ExternallyControlledFormatStringConfig implements DataFlow::ConfigSig {
node.getType() instanceof NumericType or node.getType() instanceof BooleanType
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

/**
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/FragmentInjectionQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ module FragmentInjectionTaintConfig implements DataFlow::ConfigSig {
any(FragmentInjectionAdditionalTaintStep c).step(n1, n2)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

/**
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/GroovyInjectionQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ module GroovyInjectionConfig implements DataFlow::ConfigSig {
any(GroovyInjectionAdditionalTaintStep c).step(fromNode, toNode)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

/**
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/ImplicitPendingIntentsQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ module ImplicitPendingIntentStartConfig implements DataFlow::StateConfigSig {
c instanceof DataFlow::ArrayContent
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

module ImplicitPendingIntentStartFlow =
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/InsecureBeanValidationQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ module BeanValidationConfig implements DataFlow::ConfigSig {

predicate isSink(DataFlow::Node sink) { sink instanceof BeanValidationSink }

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

/** Tracks flow from user input to the argument of a method that builds constraint error messages. */
Expand Down
2 changes: 1 addition & 1 deletion java/ql/lib/semmle/code/java/security/InsecureLdapAuthQuery.qll
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ module InsecureLdapUrlConfig implements DataFlow::ConfigSig {
)
}

predicate filterForSourceOrSinkAlerts() { any() }
predicate diffInformedIncrementalMode() { any() }
}

module InsecureLdapUrlFlow = TaintTracking::Global<InsecureLdapUrlConfig>;
Expand Down
Loading

0 comments on commit a6c49fd

Please sign in to comment.